package com.xhb.campusservices.config;

import com.xhb.campusservices.shiro.UserRealm;
import com.xhb.campusservices.util.JWTFilter;
import com.xhb.campusservices.util.JWTFilter2;
import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
import org.apache.shiro.mgt.DefaultSubjectDAO;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {

    @Autowired
    JWTFilter jwtFilter;
    //3.ShiroFilterFactoryBean
    @Bean(name = "shiroFilterFactoryBean")
    public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("secM") DefaultWebSecurityManager defaultWebSecurityManager) {
        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
        //添加自己的过滤器并且取名为jwt
        Map<String, Filter> filterMap = new HashMap<>();
        filterMap.put("jwt", jwtFilter);
        bean.setFilters(filterMap);
        //设置安全管理器
        bean.setSecurityManager(defaultWebSecurityManager);
        //拦截,自定义url规则
        Map<String, String> filterRuleMap = new LinkedHashMap<>();
        //授权,正常的情况下，没有授权会跳转到未授权页面
        /*
             /* 是拦截所有的文件夹，不包含子文件夹
             /** 是拦截所有的文件夹及里面的子文件夹
             相当于/*只有后面一级
             /** 可以包含多级
        * */
        //不经过我们的过滤器
        /*filterRuleMap.put("/user/login","anon");
        filterRuleMap.put("/user/registered","anon");
        filterRuleMap.put("/user/sendMail/**","anon");*/

        //filterRuleMap.put("/user/list","anon");

        //其他的经过我们的过滤器，且必须要认证
        filterRuleMap.put("/user/**","jwt");
        filterRuleMap.put("/task/**","jwt");
        filterRuleMap.put("/order/**","jwt");
        filterRuleMap.put("/feedback/**","jwt");
       // filterRuleMap.put("/admin/**","jwt,authc");
        //filterRuleMap.put("/user/**","jwt");

        bean.setFilterChainDefinitionMap(filterRuleMap);
        //设置登录的请求
       // bean.setLoginUrl("/user/login"); //如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
        return bean;
    }

    //2.DefaultWebSecurityManager
    @Bean(name = "secM")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        //关联UserRealm
        securityManager.setRealm(userRealm);
        //关闭shiro自带的session
        DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
        DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator();
        defaultSessionStorageEvaluator.setSessionStorageEnabled(false);
        subjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator);
        securityManager.setSubjectDAO(subjectDAO);

        return securityManager;
    }

    //1.创建 realm 对象，需要自定义
    @Bean
    public UserRealm userRealm() {
        return new UserRealm();
    }

}
